Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/tXPAGmMeMGUt_Y_GLIdZ4bm84u8.roa
File: tXPAGmMeMGUt_Y_GLIdZ4bm84u8.roa (raw, json)
Hash identifier: Oq4uFu3qipLlmPEUoTtkEvFzy024ZUUiULoF07CLIxw=
Subject key identifier: B5:73:C0:1A:63:1E:30:65:2D:FD:8F:C6:2C:87:59:E1:B9:BC:E2:EF
Certificate issuer: /CN=c1b050211219d18e996e086cb7f6309178804860
Certificate serial: 018CC6B8B4C5F262F79128606BC65CADC71F
Authority key identifier: C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/tXPAGmMeMGUt_Y_GLIdZ4bm84u8.roa
Signing time: Mon 01 Jan 2024 20:30:42 +0000
ROA not before: Mon 01 Jan 2024 20:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201544
IP address blocks: 89.108.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.mft
rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:b4:c5:f2:62:f7:91:28:60:6b:c6:5c:ad:c7:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1b050211219d18e996e086cb7f6309178804860
Validity
Not Before: Jan 1 20:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b573c01a631e30652dfd8fc62c8759e1b9bce2ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fe:e9:32:0b:be:80:f1:85:80:3c:cb:9b:48:
af:d6:74:6b:67:b0:c4:63:e8:0d:9d:37:8d:11:bf:
9a:67:6c:a6:7f:ca:1a:92:3f:81:f4:79:1c:b0:21:
bb:45:14:74:4a:12:d1:c4:d9:db:25:6b:1d:04:40:
7a:c9:ee:e2:c9:da:da:d5:b4:f4:cd:7f:50:dd:3e:
06:a4:8a:86:f1:79:7a:98:c0:26:ab:bf:e4:30:5f:
44:81:df:30:dc:00:cd:44:ab:48:cd:bc:45:3e:05:
66:13:73:1a:2a:81:f4:ca:83:db:98:e0:d9:26:36:
ce:93:1d:d6:a2:ee:3f:b2:d3:4d:23:25:a5:cc:e2:
b9:9b:11:c2:b4:5f:e3:d8:82:3a:05:cc:33:06:ff:
07:e9:42:7d:c3:3e:7b:f2:02:43:77:68:6e:19:d1:
1e:60:24:8e:5e:d7:a4:20:38:3a:2a:fe:a6:f0:3f:
ad:fe:3a:67:f9:18:35:c8:6d:df:9f:b1:61:f7:dc:
e1:43:8c:1b:bb:19:bc:d5:b4:ab:a1:74:a4:94:46:
4a:84:36:e5:97:86:fc:ce:bc:bb:56:6c:71:3d:e6:
aa:2e:cb:94:e1:85:3a:38:9b:d8:5f:5d:6c:a1:9e:
f5:c5:87:fa:e2:59:fc:55:96:19:fa:3d:ba:35:70:
83:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:73:C0:1A:63:1E:30:65:2D:FD:8F:C6:2C:87:59:E1:B9:BC:E2:EF
X509v3 Authority Key Identifier:
keyid:C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/tXPAGmMeMGUt_Y_GLIdZ4bm84u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.134.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:41:ca:77:0a:36:92:1f:ff:99:25:e7:f9:24:15:ed:d6:9c:
60:43:bb:73:16:a9:14:86:b7:df:33:06:98:04:0f:39:29:aa:
81:dd:85:9d:5b:cf:e1:94:a9:2d:58:01:1c:4d:71:07:d2:b4:
99:62:8f:85:64:f9:b4:c4:93:32:40:64:af:f2:7c:ce:63:69:
2d:04:ba:08:d0:c7:26:db:1f:a1:d2:40:b1:94:b9:d9:e1:b3:
89:1f:24:8c:5e:0b:61:b6:2c:8d:2c:1f:bb:35:30:98:45:df:
92:0c:ec:33:c2:29:3c:aa:e4:a2:f2:cc:62:35:2b:d3:26:f0:
f0:ed:7b:a0:30:cf:d1:dd:2d:ac:18:88:c8:56:dd:4a:68:d7:
05:90:4b:4f:01:1c:18:33:37:0c:58:2c:9b:65:be:1a:49:4d:
61:ed:56:6c:3e:d5:e1:85:17:2e:18:07:bb:ba:a9:50:9e:25:
b7:e8:ee:6d:96:21:7d:f9:b0:f7:ab:8f:37:54:1c:a6:c9:47:
74:43:ec:62:f9:f9:61:32:49:4e:52:29:96:34:b6:b1:71:6d:
52:0f:75:3c:5f:a3:66:34:c1:5d:f2:96:4e:b1:6b:6f:c0:42:
d8:d4:ac:8b:39:b1:52:0a:ee:8f:9b:fb:20:f7:2e:16:e5:ee:
de:7f:97:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuLTF8mL3kShga8ZcrccfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYjA1MDIxMTIxOWQxOGU5OTZlMDg2Y2I3ZjYzMDkxNzg4
MDQ4NjAwHhcNMjQwMTAxMjAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTczYzAxYTYzMWUzMDY1MmRmZDhmYzYyYzg3NTllMWI5YmNlMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv7pMgu+gPGFgDzLm0iv1nRrZ7DE
Y+gNnTeNEb+aZ2ymf8oakj+B9HkcsCG7RRR0ShLRxNnbJWsdBEB6ye7iydra1bT0
zX9Q3T4GpIqG8Xl6mMAmq7/kMF9Egd8w3ADNRKtIzbxFPgVmE3MaKoH0yoPbmODZ
JjbOkx3Wou4/stNNIyWlzOK5mxHCtF/j2II6BcwzBv8H6UJ9wz578gJDd2huGdEe
YCSOXtekIDg6Kv6m8D+t/jpn+Rg1yG3fn7Fh99zhQ4wbuxm81bSroXSklEZKhDbl
l4b8zry7VmxxPeaqLsuU4YU6OJvYX11soZ71xYf64ln8VZYZ+j26NXCDZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVzwBpjHjBlLf2PxiyHWeG5vOLvMB8GA1UdIwQY
MBaAFMGwUCESGdGOmW4IbLf2MJF4gEhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUt
Y2UyMjUxODdmYzM4LzEvdFhQQUdtTWVNR1V0X1lfR0xJZFo0Ym04NHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUtY2UyMjUxODdmYzM4
LzEvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWyGMA0G
CSqGSIb3DQEBCwUAA4IBAQCNQcp3CjaSH/+ZJef5JBXt1pxgQ7tzFqkUhrffMwaY
BA85KaqB3YWdW8/hlKktWAEcTXEH0rSZYo+FZPm0xJMyQGSv8nzOY2ktBLoI0Mcm
2x+h0kCxlLnZ4bOJHySMXgthtiyNLB+7NTCYRd+SDOwzwik8quSi8sxiNSvTJvDw
7XugMM/R3S2sGIjIVt1KaNcFkEtPARwYMzcMWCybZb4aSU1h7VZsPtXhhRcuGAe7
uqlQniW36O5tliF9+bD3q483VBymyUd0Q+xi+flhMklOUimWNLaxcW1SD3U8X6Nm
NMFd8pZOsWtvwELY1KyLObFSCu6Pm/sg9y4W5e7ef5eX
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:26:37 2024 by rpki-client on console-ams.rpki-client.org